Should I still use OpenSSL

OpenSSL does not have a good record of secure coding although they patch their codes very quickly. The most recent Heartbleed bug allows users to access the memory space (which also includes the keys loaded in the memory) from a direct connection to any application running the affected versions of OpenSSL.

• Hearbleed Bug:   http://heartbleed.com
• OpenSSL CVE: http://www.openssl.org/news/vulnerabilities.html

What should you turn to next if you decide to drop OpenSSL from the list of SSL cryptographic providers? You might want to try out Mozilla's NSS and use the NSS to replace the leaky OpenSSL library.

Mozilla shrugs off DHS requests

Read:

• http://www.osnews.com/story/24703/Mozilla_Resists_DHS_Request_to_Take_Down_Firefox_Extension
• https://lockshot.wordpress.com/2011/05/05/homeland-security-request-to-take-down-mafiaafire-add-on/

Good job for Mozilla to stand up against rampant bullies by people who think they have authority to misuse it as they will. People should not simply follow some stupid and audacious requests unless a lawful court order given by a sound court decision is presented.

Flashless Flash

We have all heard about Smokescreen which is a JavaScript/HTML 5 library that runs Flash videos without having a Flash player.

we have long known of the bad performance of Adobe Flash in Linux and Mac platforms and the troubles are never ending with Adobe doing a bad job with Flash. Just a note, whenever I have Youtube running Flash, my browsers (I am using Ubuntu 10.04) just crash. Regardless is it Firefox, Opera or Chrome... it took a dive and died.

It would be an interesting idea to implement a kind of method or plugin that would intercept demands to run Flash and swap it with Smokescreen (maybe by using the browser to internally edit it's downloaded HTML codes abit) and run Flash on Smokescreen. 

Although Smokescreen is still not really ready yet, it would be an interesting test implementation to behold.

Maybe Mozilla could donate a couple of developers to focus on helping those guys developing Smokescreen and greatly boost it's development process and quality ?